Open Cloud Factory

The PCI Mail-Vault solution is recertified in PCI-DSS!

Open Cloud Factory is a cybersecurity company specialized in the digital world, which offers its customers cutting-edge solutions. One of the solutions that make up the Open Cloud Factory portfolio is the PCI Mail-Vault solution, very useful for any company, especially in the tourism sector and especially in the hotel world, which provides a solution that allows emails received from abroad with card data to be stored in Open Cloud Factory’s PCI Mail-Vault. This ensures that the customer’s PCI-DSS environment is not affected by possible emails with credit card data, reducing the PCI-DSS scope of the hotel.

Providing state-of-the-art solutions for hotels

In the tourism sector, especially in the hotel world, a lot of customer information is managed, from personal data, tastes and allergies, pillow preferences and, as could be expected, customer credit and debit card data. Either to have a guarantee card or because the OTA’s send this data along with the reservation and voucher or simply because it is necessary to charge a no-show.

“The motivation for 99% of cyber attacks on hotels is financial. And the target of 96% of attacks is payment data (credit cards etc.)”
Verzion: Data Breach Investigations Report

Therefore, as the PCI-DSS security standard becomes more and more established in the tourism sector, and as a result of the information leaks suffered by several hotel chains worldwide, it is necessary to have tools and services that protect sensitive customer data.
Open Cloud Factory, analyzing the hotel business, created the PCI Mail-Vault solution. In a nutshell, PCI Mail-Vault is a solution where sensitive data that is managed via email is stored in the PCI Mail Vault and only users who need to manage this sensitive information have access to it. In addition, the platform can be used to share sensitive documents with third parties in a 100% secure and traceable manner.

Daniel Lopez, Infrastructure security administrator at Open Cloud Factory, explains: “Knowing our customers’ needs is our priority. To be able to provide solutions that make their lives easier and that allow them to operate with credit card data and confidential information, with complete security of their data at all times. This was the challenge we wanted to take on when we started developing the solution and we have succeeded. With this solution, we have helped our customers to become PCI-DSS compliant. That’s why we contacted A2SECURE as a QSA expert to provide the right advice and perform the audit with maximum guarantees.

PCI-DSS regulations our business lever
“From our development department we approach the operation of having solutions that follow standards and good practices in terms of security and secure development, but it is true that for the PCI-DSS regulation it is necessary to have specific knowledge of this standard, we have A2SECURE. Working together we have understood and established the new functionalities of the platform taking into account the perspective of this standard and being able to provide our customers with a 100% PCI-DSS compliant solution”, Daniel Lopez.

About Open Cloud Factory

Open Cloud Factory’s mission is the creation and development of information technology solutions and ICT communication, to cover the digital security needs of organizations globally, so that they can operate their businesses with confidence, stability and profitability.

With presence based mainly in Spain, Mexico and Brazil and in permanent growth of emerging markets in Europe and Latam, within its expansion plan and geographic development.

The company is committed to demonstrating a common cybersecurity strategy that encompasses both IT (Information Technology) and OT (Operational Technology) and can provide visibility and control of corporate network assets.

Its technology has evolved in recent years due to its strong investment in R+D+i. Open Cloud Factory currently collaborates with public and private universities to develop cutting-edge technology. In addition, its technology has been rated by the consulting firm Gartner as the only European company in network access technology.

Among its latest milestones is the inclusion of its products in the ICT catalog of the National Cryptologic Center (CCN). It has also been awarded with the seal, by the MINECO, as an innovative SME and the Basque Government includes it in its BIND4.0 program (2019).

The main objectives for the future are to position itself as a benchmark in the digital security market and to actively commit to knowledge and technological innovation, in accordance with the economic framework that exists in the 21st century.